我在应用程序中设置适当的规则时遇到问题。以下是我的代码...我创建角色,资源和限制..但是......我希望'consul'被允许转到/ mymodule但是它被拒绝/ mymodule / {add,edit,delete} ..除了删除mymodule的控制器之外,'operat'到处都是......
//creating roles
$guest = new GenericRole('guest');
$consul = new GenericRole('consul');
$operat = new GenericRole('operat');
$admin = new GenericRole('admin');
//adding roles
$acl -> addRole($guest);
$acl -> addRole($consul,'guest');
$acl -> addRole($operat,'consul');
$acl -> addRole($admin,'operat');
//adding resources
$acl -> addResource(new GenericResource('home'));
$acl -> addResource(new GenericResource('application'));
$acl -> addResource(new GenericResource('auth'));
$acl -> addResource(new GenericResource('mymodule'));
//adding restrictions
$acl -> allow('guest', 'home');
$acl -> allow('guest', 'application');
$acl -> allow('guest', 'auth');
$acl -> deny('guest', 'mymodule');
$acl -> allow('consul','mymodule');
$acl -> allow('operat','mymodule','index');
$acl -> deny('consul','mymodule','add');
$acl -> deny('consul','mymodule','edit');
$acl -> deny('consul','mymodule','delete');
$acl -> allow('operat','mymodule');
$acl -> deny('operat','mymodule','delete');
$acl -> allow('admin');
而不是所需的行为,zf2不允许查看/ mymodule为'consul',如果我尝试调试,我有以下(我的代码和注释中的结果):
//some tests
echo $acl->isAllowed('guest', 'mymodule') ? 'allowed' : 'denied'; // denied
echo $acl->isAllowed('guest', 'mymodule','index') ? 'allowed' : 'denied'; // denied
echo $acl->isAllowed('guest', 'mymodule','add') ? 'allowed' : 'denied'; // denied
echo $acl->isAllowed('consul','mymodule') ? 'allowed' : 'denied'; // denied
echo $acl->isAllowed('consul','mymodule','index') ? 'allowed' : 'denied'; // allowed
echo $acl->isAllowed('consul','mymodule','default') ? 'allowed' : 'denied'; // allowed
echo $acl->isAllowed('consul','mymodule','add') ? 'allowed' : 'denied'; // denied
echo $acl->isAllowed('consul','mymodule','edit') ? 'allowed' : 'denied'; // denied
echo $acl->isAllowed('operat','mymodule') ? 'allowed' : 'denied'; // denied
echo $acl->isAllowed('operat','mymodule','index') ? 'allowed' : 'denied'; // allowed
echo $acl->isAllowed('operat','mymodule','default') ? 'allowed' : 'denied'; // allowed
echo $acl->isAllowed('operat','mymodule','add') ? 'allowed' : 'denied'; // allowed
echo $acl->isAllowed('operat','mymodule','edit') ? 'allowed' : 'denied'; // allowed
echo $acl->isAllowed('operat','mymodule','delete') ? 'allowed' : 'denied'; // denied
echo $acl->isAllowed('admin','mymodule') ? 'allowed' : 'denied'; // allowed
echo $acl->isAllowed('admin','mymodule','index') ? 'allowed' : 'denied'; // allowed
echo $acl->isAllowed('admin','mymodule','default') ? 'allowed' : 'denied'; // allowed
echo $acl->isAllowed('admin','mymodule','add') ? 'allowed' : 'denied'; // allowed
echo $acl->isAllowed('admin','mymodule','edit') ? 'allowed' : 'denied'; // allowed
echo $acl->isAllowed('admin','mymodule','delete') ? 'allowed' : 'denied'; // allowed
提前谢谢
答案 0 :(得分:0)
如果您拒绝对资源上的consul角色授予某些权限,则不会将其视为拥有该资源的所有权限(这是您$acl->isAllowed('consul', 'mymodule')时所要求的权限。)
基本上,您需要允许特定权限(例如index)并检查此权限。